On 17.05.2008 14:35, Peter Stuge wrote:
On Sat, May 17, 2008 at 01:51:32PM +0200, Stefan Reinauer wrote:
Peter Stuge wrote:
I don't think any other part of flashrom bit twiddling does restore,
Yes. They all leave it open, as they do with the board enable and the chipset enable. This is a very high security risk.
Why do you think so?
If flashrom was able to unlock something, then another process with sufficient credentials will also be able to unlock that something.
Indeed.
I seem to recall that there was discussion about restoring the board enable/chipset enable signals too. Someone mentioned that it wasn't always possible or safe to restore signals. I am not sure what the technical motivation for that was. I guess this is what has left the code in limbo.
Allow me to clarify. In the past, we restored the memory which was written to during the flash chip probe sequence. That has proven to be harmful, especially because the restored values sometimes did constitute a valid command sequence for some flash chips. Since flash chips are supposed to be ROM, a restore is only needed/possible if the flash chip is shadowed by memory and in that case we can't probe for it anyway. So any restore of the memory location contents touched during chip probe is dangerous and pointless.
Restoring the state of the chipset and the lockbits of a chip is not dangerous (unless a restore has unwanted side effects which would be triggered by touching the register in the first place as well) and could even be argued to constitute good style.
Regards, Carl-Daniel
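
Added example, not part of the thread and not flashrom code: a toy simulation of the hazard described above, where writing the saved bytes back after a probe is itself a command sequence to the chip. The chip model, the constructed image bytes and the function names are assumptions; the erase pair 0x20/0xD0 is modelled on Intel-style single-cycle command sets.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy model (assumption): 64 KiB chip with address-independent commands.
 * 0x20 arms a block erase, 0xD0 confirms it, any other byte disarms. */
#define CHIP_SIZE 0x10000
enum { READ_ARRAY, ERASE_ARMED };

struct chip { uint8_t cell[CHIP_SIZE]; int state; int erased; };

static void chip_write(struct chip *c, uint32_t addr, uint8_t val)
{
    (void)addr;                            /* the model ignores the address */
    if (c->state == ERASE_ARMED && val == 0xD0) {
        memset(c->cell, 0xFF, CHIP_SIZE);  /* erase confirmed */
        c->erased = 1;
    }
    c->state = (val == 0x20) ? ERASE_ARMED : READ_ARRAY;
}

static uint8_t chip_read(const struct chip *c, uint32_t addr) { return c->cell[addr]; }

/* JEDEC-style probe cycles: ID entry (AA, 55, 90), then ID exit (AA, 55, F0). */
static void jedec_probe(struct chip *c)
{
    chip_write(c, 0x5555, 0xAA); chip_write(c, 0x2AAA, 0x55); chip_write(c, 0x5555, 0x90);
    chip_write(c, 0x5555, 0xAA); chip_write(c, 0x2AAA, 0x55); chip_write(c, 0x5555, 0xF0);
}

/* Runs one probe; returns 1 if the chip contents were destroyed. */
int probe(int restore_touched_bytes)
{
    static struct chip c;
    memset(&c, 0, sizeof c);
    c.cell[0x5555] = 0x20;  /* constructed image: the two probed locations */
    c.cell[0x2AAA] = 0xD0;  /* happen to hold erase-setup / erase-confirm  */

    uint8_t old_a = chip_read(&c, 0x5555), old_b = chip_read(&c, 0x2AAA);
    jedec_probe(&c);        /* harmless to this chip: no 0x20 or 0xD0 written */
    if (restore_touched_bytes) {           /* the "restore" step */
        chip_write(&c, 0x5555, old_a);     /* chip sees 0x20: erase armed */
        chip_write(&c, 0x2AAA, old_b);     /* chip sees 0xD0: erase runs  */
    }
    return c.erased;
}

int main(void)
{
    printf("no restore: erased=%d\n", probe(0));
    printf("restore:    erased=%d\n", probe(1));
    return 0;
}
```

The probe alone leaves the modelled chip intact; only the write-back of the saved values triggers the erase, because a write to a flash chip is a command, not a store.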